| Jan Schär | 652c2ad | 2024-11-19 17:40:50 +0100 | [diff] [blame] | 1 | // This is a test for PersistentVolumes provided by our provisioner. It tests |
| 2 | // that volumes have the right mount flags, and the expected quotas. |
| 3 | // |
| 4 | // The package here is a binary which will run in a Pod in our Kubernetes |
| 5 | // end-to-end test. See the function makeTestStatefulSet in |
| 6 | // metropolis/test/e2e/suites/kubernetes/kubernetes_helpers.go for how the Pod |
| 7 | // is created. |
| 8 | package main |
| 9 | |
| 10 | import ( |
| 11 | "errors" |
| Jan Schär | 73beb69 | 2024-11-27 17:47:09 +0100 | [diff] [blame] | 12 | "flag" |
| Jan Schär | 652c2ad | 2024-11-19 17:40:50 +0100 | [diff] [blame] | 13 | "fmt" |
| 14 | "os" |
| 15 | "path/filepath" |
| 16 | "syscall" |
| 17 | "time" |
| 18 | |
| 19 | "golang.org/x/sys/unix" |
| Jan Schär | be70c92 | 2024-11-21 11:16:03 +0100 | [diff] [blame] | 20 | |
| 21 | "source.monogon.dev/osbase/blockdev" |
| Jan Schär | 652c2ad | 2024-11-19 17:40:50 +0100 | [diff] [blame] | 22 | ) |
| 23 | |
| 24 | // This is a copy of the constant in metropolis/node/kubernetes/provisioner.go. |
| 25 | const inodeCapacityRatio = 4 * 512 |
| 26 | |
| Jan Schär | 73beb69 | 2024-11-27 17:47:09 +0100 | [diff] [blame] | 27 | var runtimeClass = flag.String("runtimeclass", "", "Name of the runtime class") |
| 28 | |
| Jan Schär | 652c2ad | 2024-11-19 17:40:50 +0100 | [diff] [blame] | 29 | // checkFilesystemVolume checks that the filesystem containing path has the |
| 30 | // given mount flags and capacity. |
| 31 | func checkFilesystemVolume(path string, expectedFlags int64, expectedBytes uint64) error { |
| 32 | var statfs unix.Statfs_t |
| 33 | err := unix.Statfs(path, &statfs) |
| 34 | if err != nil { |
| 35 | return fmt.Errorf("failed to statfs volume %q: %w", path, err) |
| 36 | } |
| 37 | |
| 38 | if statfs.Flags&unix.ST_RDONLY != expectedFlags&unix.ST_RDONLY { |
| 39 | return fmt.Errorf("volume %q has readonly flag %v, expected the opposite", path, statfs.Flags&unix.ST_RDONLY != 0) |
| 40 | } |
| 41 | if statfs.Flags&unix.ST_NOSUID != expectedFlags&unix.ST_NOSUID { |
| 42 | return fmt.Errorf("volume %q has nosuid flag %v, expected the opposite", path, statfs.Flags&unix.ST_NOSUID != 0) |
| 43 | } |
| 44 | if statfs.Flags&unix.ST_NODEV != expectedFlags&unix.ST_NODEV { |
| 45 | return fmt.Errorf("volume %q has nodev flag %v, expected the opposite", path, statfs.Flags&unix.ST_NODEV != 0) |
| 46 | } |
| 47 | if statfs.Flags&unix.ST_NOEXEC != expectedFlags&unix.ST_NOEXEC { |
| 48 | return fmt.Errorf("volume %q has noexec flag %v, expected the opposite", path, statfs.Flags&unix.ST_NOEXEC != 0) |
| 49 | } |
| 50 | |
| 51 | sizeBytes := statfs.Blocks * uint64(statfs.Bsize) |
| 52 | if sizeBytes != expectedBytes { |
| 53 | return fmt.Errorf("volume %q has capacity %v bytes, expected %v bytes", path, sizeBytes, expectedBytes) |
| 54 | } |
| 55 | expectedFiles := expectedBytes / inodeCapacityRatio |
| 56 | if statfs.Files != expectedFiles { |
| 57 | return fmt.Errorf("volume %q has capacity for %v files, expected %v files", path, statfs.Files, expectedFiles) |
| 58 | } |
| 59 | |
| 60 | // Try writing a file. This should only work if the volume is not read-only. |
| 61 | err = os.WriteFile(filepath.Join(path, "test.txt"), []byte("hello"), 0o644) |
| 62 | if expectedFlags&unix.ST_RDONLY != 0 { |
| 63 | if err == nil { |
| 64 | return fmt.Errorf("write did not fail in read-only volume %q", path) |
| 65 | } else if !errors.Is(err, syscall.EROFS) { |
| 66 | return fmt.Errorf("write failed with unexpected error in read-only volume %q: %w", path, err) |
| 67 | } |
| 68 | } else if err != nil { |
| 69 | return fmt.Errorf("failed to write file in volume %q: %w", path, err) |
| 70 | } |
| 71 | |
| 72 | return nil |
| 73 | } |
| 74 | |
| Jan Schär | be70c92 | 2024-11-21 11:16:03 +0100 | [diff] [blame] | 75 | func checkBlockVolume(path string, expectedBytes uint64) error { |
| 76 | blk, err := blockdev.Open(path) |
| 77 | if err != nil { |
| 78 | return fmt.Errorf("failed to open block device %q: %w", path, err) |
| 79 | } |
| 80 | defer blk.Close() |
| 81 | sizeBytes := blk.BlockCount() * blk.BlockSize() |
| 82 | if sizeBytes != int64(expectedBytes) { |
| 83 | return fmt.Errorf("block device %q has size %v bytes, expected %v bytes", path, sizeBytes, expectedBytes) |
| 84 | } |
| 85 | return nil |
| 86 | } |
| 87 | |
| Jan Schär | 652c2ad | 2024-11-19 17:40:50 +0100 | [diff] [blame] | 88 | func testPersistentVolume() error { |
| 89 | if err := checkFilesystemVolume("/vol/default", 0, 1*1024*1024); err != nil { |
| 90 | return err |
| 91 | } |
| Jan Schär | 652c2ad | 2024-11-19 17:40:50 +0100 | [diff] [blame] | 92 | if err := checkFilesystemVolume("/vol/readonly", unix.ST_RDONLY, 1*1024*1024); err != nil { |
| 93 | return err |
| 94 | } |
| Jan Schär | 73beb69 | 2024-11-27 17:47:09 +0100 | [diff] [blame] | 95 | // Block volumes are not supported on gVisor. |
| 96 | if *runtimeClass != "gvisor" { |
| 97 | if err := checkBlockVolume("/vol/block", 1*1024*1024); err != nil { |
| 98 | return err |
| 99 | } |
| Jan Schär | be70c92 | 2024-11-21 11:16:03 +0100 | [diff] [blame] | 100 | } |
| Jan Schär | 652c2ad | 2024-11-19 17:40:50 +0100 | [diff] [blame] | 101 | return nil |
| 102 | } |
| 103 | |
| 104 | func main() { |
| Jan Schär | 73beb69 | 2024-11-27 17:47:09 +0100 | [diff] [blame] | 105 | flag.Parse() |
| 106 | fmt.Printf("PersistentVolume tests starting on %s...\n", *runtimeClass) |
| Jan Schär | 652c2ad | 2024-11-19 17:40:50 +0100 | [diff] [blame] | 107 | |
| 108 | if err := testPersistentVolume(); err != nil { |
| 109 | fmt.Println(err.Error()) |
| 110 | // The final log line communicates the test outcome to the e2e test. |
| 111 | fmt.Println("[TESTS-FAILED]") |
| 112 | } else { |
| 113 | fmt.Println("[TESTS-PASSED]") |
| 114 | } |
| 115 | |
| 116 | // Sleep forever, because if the process exits, Kubernetes will restart it. |
| 117 | for { |
| 118 | time.Sleep(time.Hour) |
| 119 | } |
| 120 | } |